diff options
author | gVisor bot <gvisor-bot@google.com> | 2021-05-26 19:28:13 +0000 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-05-26 19:28:13 +0000 |
commit | 66e5e6cfec12612f3d6fd9baa72ab93752211883 (patch) | |
tree | ae47482de0bc6c5ec7ecc95170ff364d37d2d289 /pkg/sentry/fsimpl | |
parent | 425f4b5d29de7dae77ba32ca63896f69c31915d3 (diff) | |
parent | 9fcc44f991203343438b489389c2b861040086ac (diff) |
Merge release-20210518.0-49-g9fcc44f99 (automated)
Diffstat (limited to 'pkg/sentry/fsimpl')
-rw-r--r-- | pkg/sentry/fsimpl/verity/verity.go | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/pkg/sentry/fsimpl/verity/verity.go b/pkg/sentry/fsimpl/verity/verity.go index fa7696ad6..969003613 100644 --- a/pkg/sentry/fsimpl/verity/verity.go +++ b/pkg/sentry/fsimpl/verity/verity.go @@ -868,6 +868,10 @@ func (fd *fileDescription) IterDirents(ctx context.Context, cb vfs.IterDirentsCa fd.mu.Lock() defer fd.mu.Unlock() + if _, err := fd.lowerFD.Seek(ctx, fd.off, linux.SEEK_SET); err != nil { + return err + } + var ds []vfs.Dirent err := fd.lowerFD.IterDirents(ctx, vfs.IterDirentsCallbackFunc(func(dirent vfs.Dirent) error { // Do not include the Merkle tree files. @@ -890,8 +894,8 @@ func (fd *fileDescription) IterDirents(ctx context.Context, cb vfs.IterDirentsCa return err } - // The result should contain all children plus "." and "..". - if fd.d.verityEnabled() && len(ds) != len(fd.d.childrenNames)+2 { + // The result should be a part of all children plus "." and "..", counting from fd.off. + if fd.d.verityEnabled() && len(ds) != len(fd.d.childrenNames)+2-int(fd.off) { return fd.d.fs.alertIntegrityViolation(fmt.Sprintf("Unexpected children number %d", len(ds))) } |